Businesses Gain a Better Grasp of IT Security Issues
A survey also reveals that people are found to be almost universally the biggest weakness in information security, ahead of technology and processes.Businesses appear to me moving toward a stronger focus on insider threats and more understanding of cyber-security issues at the board level, according to a Nuix survey of 30 IT security officials. The report found that there's a greater focus on insider threats since the first report was conducted in 2014, with nearly three-quarters (71 percent) of respondents reporting that they have an insider threat program or policy, and 14 percent said that they allocate 40 percent or more of their budget to insider threats. The survey also found people to be almost universally thought of as the biggest weakness in information security, ahead of technology and processes—of the respondents that reported to have an insider threat or policy, 70 percent offer employee training to minimize risk. "The first agenda item for businesses with limited budgets is understanding that this is not merely an IT issue," Keith Lowry, senior vice president of business threat intelligence and analysis at Nuix, told eWEEK. "It is a risk management issue that must begin in the boardroom and C-levels. IT is extremely important, but this issue goes well beyond the typical IT departmental authorities, capabilities, experience and training."
According to Lowry, the next agenda item to tackle is a training and awareness programs, noting training begins at the board room and C-suite, including managers and all employees.